SPRINT

Security Services PlatfoRm for the INternet of Things

The Internet of Things (IoT) depicts an scenario where both the virtual and real world interweave by embedding sensors, actuators, RFID tags and other similar technologies in everyday objects. Furthermore, such objects will be connected to the Internet providing the network with real-time information. In this landscape, a new range of security services is expected. Consequently, the goal of this project is to develop a Security Services Platform to facilitate future software developers the seamless integration of secure services into their software specifically designed for the IoT scenario.

The SPRINT platform requires an in-depth analysis of the original IoT security requirements since it introduces significant differences in comparison with traditional Internet scenarios [1][2][3]. The development of basic and network security services is deemed critical for a fruitful integration of tiny limited devices with the current computer-based Internet [4]. More precisely, a secure network connectivity service [5] as well as a distributed intrusion detection service will be devised [6]. Also, the SPRINT platform will incorporate a service for trading off between security and quality of service, which is of vital importance given the extreme resource limitation of the involved objects.

The aforementioned services will provide a basis for the development of advanced security services specifically redesigned for the IoT environment. An identity and privacy management service will provide a privacy-preserving identification scheme depending on the requirements of the other communicating party, whether a human or another object. Also, a trust management service in order for objects to determine what relationships might be established with each other. Moreover, a secure object location service will guarantee the localization of objects[7], an intrinsic problem to the interaction with the objects of the physical world. Finally, all these services will be integrated into the platform and evaluated.

References

Abstract

Purpose: This paper aims to analyze the security issues that arise when integrating wireless sensor networks (WSN) and the internet. Also, it seeks to review whether existing technology mechanisms are suitable and can be applied in this context.

Design/methodology/approach: The paper considers the possible approaches that can be used to connect a WSN with the internet, and analyzes the security of their interactions.

Findings: By providing the services of the network through a front-end proxy, a sensor network and the internet can interact securely. There are other challenges to be solved if the sensor nodes are integrated into the internet infrastructure, although there exists interesting advances on his matter.

Research limitations and implications: The complete integration of sensor networks and the internet still remains as an open issue.

Practical implications: With the current state of the art, it is possible to develop a secure sensor network that can provide its services to internet hosts with certain security properties.

Originality/value: The paper studies the interactions between sensor networks and the internet from the point of view of security. It identifies both solutions and research challenges.

Abstract

If a wireless sensor network (WSN) is to be completely integrated into the Internet as part of the Internet of Things (IoT), it is necessary to consider various security challenges, such as the creation of a secure channel between an Internet host and a sensor node. In order to create such a channel, it is necessary to provide key management mechanisms that allow two remote devices to negotiate certain security credentials (e.g. secret keys) that will be used to protect the information flow. In this paper we will analyse not only the applicability of existing mechanisms such as public key cryptography and pre-shared keys for sensor nodes in the IoT context, but also the applicability of those link-layer oriented key management systems (KMS) whose original purpose is to provide shared keys for sensor nodes belonging to the same WSN.

Abstract

Wireless sensor networks (WSN) behave as a digital skin, providing a virtual layer where the information about the physical world can be accessed by any computational system. As a result, they are an invaluable resource for realizing the vision of the Internet of Things (IoT). However, it is necessary to consider whether the devices of a WSN should be completely integrated into the Internet or not. In this paper, we tackle this question from the perspective of security. While we will mention the different security challenges that may arise in such integration process, we will focus on the issues that take place at the network level.

Abstract

A way of controlling a cascading effect caused by a failure or a threat in a critical system is using intelligent mechanisms capable of predicting anomalous behaviours and also capable of reacting against them in advance. These mechanisms are known as Early Warning Systems (EWS) and this will be precisely the main topic of this paper. Specially, we present an EWS design based on a Wireless Sensor Network (using the ISA100.11a standard) that constantly supervise the application context. This EWS is also based on forensic techniques to provide dynamic learning capacities. As a result, this new approach will aid to provide a reliable control of incidences by offering a dynamic alarm management, identification of the most suitable field operator to attend an alarm, reporting of causes and responsible operators, and learning from new anomalous situations.

Abstract

Wireless Sensor Networks are considered to be one of the cornerstones of Ambient Intelligence since they can be used in countless applications, where sensors are unobtrusively embedded into the environment to perform operations like monitoring, tracking and reporting. In such scenarios, privacy issues must be carefully considered since the mere observation of the network operation might reveal great amounts of private information to unauthorised parties. One of the problems that is gaining more attention in the realm of privacy, is the location privacy problem, which aims to prevent an attacker from obtaining the location of specific nodes of interest to him. In this paper we provide a general overview of the proposed solutions to counter this threat. Finally, we will also discuss some open challenges and future directions of research for a convenient management of privacy issues in smart environments.